3 files changed, 59 insertions, 27 deletions

diff --git a/lib/api/users.rb b/lib/api/users.rb
index 2d4d5a25221..a4201fe6fed 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -27,7 +27,7 @@ module API
           optional :location, type: String, desc: 'The location of the user'
           optional :admin, type: Boolean, desc: 'Flag indicating the user is an administrator'
           optional :can_create_group, type: Boolean, desc: 'Flag indicating the user can create groups'
-          optional :confirm, type: Boolean, desc: 'Flag indicating the account needs to be confirmed'
+          optional :skip_confirmation, type: Boolean, default: false, desc: 'Flag indicating the account is confirmed'
           optional :external, type: Boolean, desc: 'Flag indicating the user is an external user'
           all_or_none_of :extern_uid, :provider
         end
@@ -97,29 +97,10 @@ module API
       post do
         authenticated_as_admin!
 
-        # Filter out params which are used later
-        user_params = declared_params(include_missing: false)
-        identity_attrs = user_params.slice(:provider, :extern_uid)
-        confirm = user_params.delete(:confirm)
-        user = User.new(user_params.except(:extern_uid, :provider, :reset_password))
-
-        if user_params.delete(:reset_password)
-          user.attributes = {
-            force_random_password: true,
-            password_expires_at: nil,
-            created_by_id: current_user.id
-          }
-          user.generate_password
-          user.generate_reset_token
-        end
-
-        user.skip_confirmation! unless confirm
-
-        if identity_attrs.any?
-          user.identities.build(identity_attrs)
-        end
+        params = declared_params(include_missing: false)
+        user = ::Users::CreateService.new(current_user, params).execute
 
-        if user.save
+        if user.persisted?
           present user, with: Entities::UserPublic
         else
           conflict!('Email has already been taken') if User.
diff --git a/lib/api/v3/users.rb b/lib/api/v3/users.rb
index 14f54731730..5e18cecc431 100644
--- a/lib/api/v3/users.rb
+++ b/lib/api/v3/users.rb
@@ -9,6 +9,59 @@ module API
       end
 
       resource :users, requirements: { uid: /[0-9]*/, id: /[0-9]*/ } do
+        helpers do
+          params :optional_attributes do
+            optional :skype, type: String, desc: 'The Skype username'
+            optional :linkedin, type: String, desc: 'The LinkedIn username'
+            optional :twitter, type: String, desc: 'The Twitter username'
+            optional :website_url, type: String, desc: 'The website of the user'
+            optional :organization, type: String, desc: 'The organization of the user'
+            optional :projects_limit, type: Integer, desc: 'The number of projects a user can create'
+            optional :extern_uid, type: String, desc: 'The external authentication provider UID'
+            optional :provider, type: String, desc: 'The external provider'
+            optional :bio, type: String, desc: 'The biography of the user'
+            optional :location, type: String, desc: 'The location of the user'
+            optional :admin, type: Boolean, desc: 'Flag indicating the user is an administrator'
+            optional :can_create_group, type: Boolean, desc: 'Flag indicating the user can create groups'
+            optional :confirm, type: Boolean, default: true, desc: 'Flag indicating the account needs to be confirmed'
+            optional :external, type: Boolean, desc: 'Flag indicating the user is an external user'
+            all_or_none_of :extern_uid, :provider
+          end
+        end
+
+        desc 'Create a user. Available only for admins.' do
+          success ::API::Entities::UserPublic
+        end
+        params do
+          requires :email, type: String, desc: 'The email of the user'
+          optional :password, type: String, desc: 'The password of the new user'
+          optional :reset_password, type: Boolean, desc: 'Flag indicating the user will be sent a password reset token'
+          at_least_one_of :password, :reset_password
+          requires :name, type: String, desc: 'The name of the user'
+          requires :username, type: String, desc: 'The username of the user'
+          use :optional_attributes
+        end
+        post do
+          authenticated_as_admin!
+
+          params = declared_params(include_missing: false)
+          user = ::Users::CreateService.new(current_user, params.merge!(skip_confirmation: !params[:confirm])).execute
+
+          if user.persisted?
+            present user, with: ::API::Entities::UserPublic
+          else
+            conflict!('Email has already been taken') if User.
+                where(email: user.email).
+                count > 0
+
+            conflict!('Username has already been taken') if User.
+                where(username: user.username).
+                count > 0
+
+            render_validation_error!(user)
+          end
+        end
+
         desc 'Get the SSH keys of a specified user. Available only for admins.' do
           success ::API::Entities::SSHKey
         end
diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb
index fcf51b7fc5b..f98481c6d3a 100644
--- a/lib/gitlab/o_auth/user.rb
+++ b/lib/gitlab/o_auth/user.rb
@@ -147,10 +147,8 @@ module Gitlab
       end
 
       def build_new_user
-        user = ::User.new(user_attributes)
-        user.skip_confirmation!
-        user.identities.new(extern_uid: auth_hash.uid, provider: auth_hash.provider)
-        user
+        user_params = user_attributes.merge(extern_uid: auth_hash.uid, provider: auth_hash.provider, skip_confirmation: true)
+        Users::CreateService.new(nil, user_params).build
       end
 
       def user_attributes